Hackers made Bank clients debtors – Large-scale data breach occurred in Russia
On June 8-9, Alfa-Bank was attacked for several hours, as a result of which the stolen funds appeared on the accounts of random customers of the credit institution.
Some clients of the Bank received amounts from 10 to 15 thousand rubles ($ 155-235). Many of them quickly spent this easy money.
However, immediately after the payment, Alfa-Bank clients were charged amounts two to three times more than the fraudsters sent. They formed an overdraft or a short-term loan.
Alfa-Bank solved the problem with hacking within a few hours, and clients of Bank are obliged to return the money that came from hackers in full amount. However, there were no official comments from Alfa-Bank.
Experts said that such a fraud can be done only with access to the Bank’s system. Therefore, the security service is looking for fraud among its employees.
It is worth noting that on June 9, the Russian newspaper Kommersant reported the leakage of personal data of 900 thousand clients of Alfa-Bank, OTP Bank and Home Credit Bank in Russia. According to the published material, the names, phone numbers (mobile, home and work), address and place of works, passport data of almost 900 thousand Russians including 55 thousand customers of Alfa-Bank were publicly available on the Internet, as well as balances on the accounts of clients of Alfa-Bank limited to a range of 130-160 thousand rubles.
The company DevicеLock found the leaks. They occurred at the end of May, the data were collected a few years ago, but a significant part of the information is still relevant. Moreover, DeviceLock discovered two customer databases of Alfa-Bank: one contains data on more than 55 thousand customers from 2014-2015, the second contains 504 records from 2018-2019.
An interesting fact is that one of the databases of clients of Alfa-Bank contains data on about 500 employees of the Ministry of Internal Affairs and about 40 people from the FSB (the Federal Security Service).
The Press Service of Alfa Bank said that at the moment they are checking the accuracy and relevance of information.